You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-user@axis.apache.org by shyenuganti <sh...@gmail.com> on 2010/03/02 15:41:18 UTC

Axis2 1.3 File Creation Error

Hi,

I am using Axis2 1.3 to provide a web service. In the business logic of the
service, I need to create some temporary directories and work on them. When
I actually create the temp directories and files, It shows that the
directories are created. I do have all the permissions to create the files.
But when I tried to read them, an exception is thrown. Does Axis2 servlet in
anyway prevent writing to the file system? Do I need to change any settings
in the conf file ?

Thank You.
Sri Harsha Yenuganti
-- 
View this message in context: http://old.nabble.com/Axis2-1.3-File-Creation-Error-tp27756643p27756643.html
Sent from the Axis - User mailing list archive at Nabble.com.


---------------------------------------------------------------------
To unsubscribe, e-mail: java-user-unsubscribe@axis.apache.org
For additional commands, e-mail: java-user-help@axis.apache.org

AW: Axis2 1.3 File Creation Error

Posted by Stadelmann Josef <jo...@axa-winterthur.ch>.
Various Operating System have various File Directory/Protection mechanism and user authentication schemas up on which certain authorization is granted, up on which data (file and directory) protection is established.
 
Basically: In order to help you, the team or community needs to know (as said yesterday) on what OS your working on!


Of major importance are the file system protection principles, such as access rules (S:RWED, O:RWED, G:RE, W) and privileges granted to the process where the JVM runs under. 


In Open VMS I can assign the process under which the JVM runs, i.e. the BYPASS priv. This would allow the JVM process to bypass any file protection mechanism and access just any users director/file. However we have decided to give the JVM running tomcat only NETMBX and TMPMBX. So this process JVM -.-.-. running after all the servlet can call any java file service routines BUT will fail except for files and directories belonging to him his own user-domain. i.e. for axis2 web services under apache$specific:[000000] (the home dir of Apache Jakarta Tomcat).


Given we would run the JVM under the OpenVMS system account (under the root user in Unix) a user with BYPASS privileges by default, all types of file access would work fine.


But as our web service process does not have BYPASS by default and is not allowed to request it either, it would not have any access rights to any user directory and file for which the other user would not have assigned the correct file protection. i.e. W:RWED OR a ACLE first.


I have just written a Binary File Transfer from a Vista WCF Client to an OpenVMS Axis2 Web Service Server. 
Axis2 being a servlet for sure.


What authorization is granted to the process running the JVM, up on which Tomcat runs up on which the Axis2 runs up on which my web service runs?
This is what you have to find out. The process running JVM may run with the privileges of the apache$www user. In Linux/Solaris it may run as root user.


In VMS a file can be written to a given other users directory by assigning an ACLE (Access Control List Entry) to the directory into which the axis2 web service shall write a temporary directory and/or a file. The ACLE assigned to a users directory would tell the file system that when a process has the rights identifier as given by the ACLE, the process would also have the the access rights granted as given by the ACLE. 

Such a file system allows for very fine file system access granularity. i.e.

$ DIR/SEC stadelma.dir

Directory DKB3:[000000]

stadelma.DIR;1       [MATH,STADELMA]                  (RWE,RWE,RE,E)
          (DEFAULT_PROTECTION,SYSTEM:RWED,OWNER:RWED,GROUP:RWE,WORLD:RE)
          (IDENTIFIER=[AP_HTTPD,APACHE$WWW],ACCESS=READ+WRITE+EXECUTE)

That is: stadelma.dir belongs to [MATH,STADELMA], [GID,UIC] and 
any process belonging with a group ID of [AP_HTTPD and a UIC of APACHE$WWW] has the following rights ACCESS=READ+WRITE+EXECEUTE
The process can read and write into stadelma.dir, and maybe some applications demand for the EXECUTE right on stadelma.dir.

This is how it works for OpenVMS.

Now how does that work for Windows, Linux, etc. .... other OS?


Josef



-----Ursprüngliche Nachricht-----
Von: shyenuganti [mailto:shyenuganti@gmail.com] 
Gesendet: Dienstag, 2. März 2010 15:41
An: axis-user@ws.apache.org
Betreff: Axis2 1.3 File Creation Error


Hi,

I am using Axis2 1.3 to provide a web service. In the business logic of the
service, I need to create some temporary directories and work on them. When
I actually create the temp directories and files, It shows that the
directories are created. I do have all the permissions to create the files.
But when I tried to read them, an exception is thrown. Does Axis2 servlet in
anyway prevent writing to the file system? Do I need to change any settings
in the conf file ?

Thank You.
Sri Harsha Yenuganti
-- 
View this message in context: http://old.nabble.com/Axis2-1.3-File-Creation-Error-tp27756643p27756643.html
Sent from the Axis - User mailing list archive at Nabble.com.


---------------------------------------------------------------------
To unsubscribe, e-mail: java-user-unsubscribe@axis.apache.org
For additional commands, e-mail: java-user-help@axis.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: java-user-unsubscribe@axis.apache.org
For additional commands, e-mail: java-user-help@axis.apache.org